More and more, user personal private data migrates to the cloud. For example, photos may be stored on file sharing sites. A user's credit card and account info may be stored in online vaults associated with various security programs. Personal emails are often stored in cloud mail boxes. A user is typically required to log into cloud accounts using a username and password.
Unfortunately, usernames and passwords are prone to phishing attacks and other potential security breaches. Many people pick their passwords using identifiable personal information that can be easily obtained through public search, thus allowing third parties to compromise a user's account. Also, a user often uses the same password across multiple cloud accounts, so in compromising the least secure cloud service account, more secure and high-valued accounts can also be compromised.
Certain methods of multi-factor authentication have been introduced in an attempt to address the above issues, but these types of solutions usually require specialized devices that the user has to maintain and keep track of. Currently, there is no good mechanism for authenticating a user in the cloud that is secure, is intuitive to use, and relies on a non-digital device that the user already possesses.
In view of the foregoing, it may be understood that there may be significant problems and shortcomings associated with existing authentication methods.